Issue authenticating node-red-contrib-google-oauth2

I am having some issues trying to authenticate the node-red-contrib-google-oauth2 node.

I have a Google Project set up, and have set up my credentials. When trying trying to configure the node, I key in my ClientID, and secret, but I also need to provide a 'scope' value. I don't see that in the documentation. I did some digging, and I am trying to use 'openid' as my scope. Is that correct?

When I hit the authenticate button, I get the following error;

## Error 400: redirect_uri_mismatch

The redirect URI in the request, http://node-red.example.com:8123/api/hassio_ingress/xxx/google-credentials/auth/callback, does not match the ones authorized for the OAuth client. To update the authorized redirect URIs, visit:...

I have the following values set up for my Authorized JavaScript origins:

http://192.168.xxx.xxx:8123 (has the proper IP)
http://localhost:8123

and the following under Authorized redirect URIs

https://xxx.ui.nabu.casa/api/hassio_ingress/xxx/google-credentials/auth/callback (with proper URL)
http://localhost:8123/google-credentials/auth/callback

any help?

Hi,

I just hit the same issue and am currently still working oauth out myself, that said I have the node working now and in my case can query the classroom API fine.

The issue we hit is due to the node trying to workout the callback address based on the hostname you are using - if you have a private ip - it uses a dummy domain of 'node-red.example.com' which is hard-coded into the nodes config. Now in my case internally I go directly to the server for access to the actually server, externally all traffic is reverse proxied through a nginx server which does have a domain name and only publishes some directories.

To get it working - you will need to setup external access for the callback url (I currently don't see oauth working if it isn't externally available) - if you have exactly the same url internally and externally - it will probably work fine otherwise I had to edit the google-auth.html file under /node_modules/node-red-contrib-google-oauth2/ and add a callback="...."; line under the statement where it is setup normally.

As for the scope - the main node will list the scopes you need for the api you select, otherwise you can go to https://developers.google.com/identity/protocols/oauth2/scopes and it lists the API scopes.

Hope this helps you or others having the issue.

For those googling. I lost an hour or so of my day today trying to figure it out.

In my case (I was configuring a node red instance that is running in the cloud accessed via a VPN) I just needed to add a entry to my local hosts file that pointed the vpn address to node-red.example.com such as

10.8.0.1 node-red.example.com

and after that it all worked like magic

Sorry after re reading it does not answer the original post.

To get scope initially choose the api in the config screen and it will give you a list of scopes. you will then need to add those on the next screen with client Id and secret

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.